Don't Network Administrators Require Privacy? 457
An anonymous reader writes to tell us that Recently their company has decided to move the IT staff out of their offices to make room for the Service Department. The move has placed the IT staff in cubicles that all face inward and lack, obviously, the ability to lock their doors at night. This is, to them, an obvious breach in security and privacy for what may be sensitive network information. Have any other Slashdot readers dealt with this sort of problem before? If so, what specific information was best suited to rectify these security concerns?
Might Even Be Illegal? (Score:5, Interesting)
In a hallway (Score:3, Interesting)
So, poster, it could ALWAYS be worse.
Give me a break (Score:3, Interesting)
Passwords should not be found on post-it notes stuck to your monitor, nor should they be saved on your computer, anywhere. Don't keep them in text files, emails, IM history, cookies, etc. Passwords should be memorized or written down in your wallet, or better yet, your company should implement a security token system and do away with static passwords. Any sensitive data which has to be stored should be encrypted. Any workstations or servers at your desk should be locked when you walk away.
Shoulder-surfing for passwords is extremely hard. Try it sometime: at 80 WPM or more, it's virtually impossible to follow and remember every keystroke, especially while trying to be inconspicuous. As for keyloggers, server theft and more serious security breaches, these should be dealt with proactively at a lower level. Screen potential employees carefully, and keep security cameras rolling throughout the office to discourage suspicious behavior.
No sympathy here (Score:5, Interesting)
Know what? I actually like it. We have almost no staff meetings and part of the reason is we are all there and can talk to each other as needed. In fact usually we work with at least one headphone off so we can hear what's going on and stay informed. If someone is doing something that needs a lot of concentration, headphones go on and they get left alone.
It works really well, and means there's one central location people go to for computer support.
As for privacy, from what? Anything remotely private isn't in my desk, it's on my computer. Well, we all have root so we can all get in to each other's shit if we want. The room itself locks to keep others out at night, of course, but as for my coworkers, well if I can't trust them to not mess with my stuff, they probably shouldn't be employed anyhow. Any of us could, if we wanted, wreak massive havok having the root password to all servers, the enable password to all switches, etc.
Sounds like just so much whining to me.
Couple of solutions... (Score:5, Interesting)
Whether or not this is correct, you should organize a demonstration of how easy it is to:
Of course, invite everyone who is someone in the company to this demo, including people like the CEO and CFO. In short, people who care about data security.
And whatever you do, keep a paper trail, by sending emails to the power-that-be, keeping a paper copy, and be as courteous and professional as can be, while being firm that this situation is unnaceptable. Please remember that these are probably not technical people. But they will understand that some data should stay inside...
Just my 0.02 US$ here of course, IANAL, but I am a sysadmin.
Re:Breakins.. (Score:3, Interesting)
[Unfortunately, not entirely a joke. It seemed to have poisoned our department relations with IT when I once visited the server room and I questioned why our server and Oracle database passwords were sitting next to our server.]
I guess I'm naive too. I don't see where this should be so difficult with server room security, desk locks and some hardware security: hardware lock-down, no cd boot, BIOS password. If the janitor is going to remove your hard drive or jimmy your desk lock, you probably do need a better overall corporate security plan.
Re:Where I work we have the same situation (Score:2, Interesting)
Looks like you're not getting much sympathy (Score:5, Interesting)
I'm a network admin and not only am I part of the small percentage in our company that has an office, I'm part of an even smaller percentage that has a locking door. For me, it might not be completely necessary but it's desired for 3 reasons:
1) Work space - At any one time I might be working on 2 or 3 laptops and desktops while loading a server or configuring a router, etc. I need the space to set it all up. I have a counter top that runs along 2.5 walls of my office and a long table on the blank wall and it's all often occupied. My office doubles as my shop/lab.
2) Security - I have stacks of laptops, hard drives, routers, switches, etc. stored in my office and with our growth, more coming in every day. It's not that someone couldn't steal this stuff from elsewhere in our facilies, it's just that it's much easier to get to in my office. No unplugging, unbolting, etc. Just grab a stack of laptops and go. I've seen cabinets mentioned in other posts but I have too much stuff going on and if I was in one of our cubes I'd be lucky to fit 1 cabinet.
3) Peace and quiet - Between the useless chatter, relentless phone calls, streaming music and other noises, I can hardly hear myself think out there (cube world). Not to mention the drive through questions. Everybody and their little brother feels the need to stop by my office and ask a question on their way by. I don't mind it all the time. In fact I'm quite sociable, open and helpful but when I'm troubleshooting a tough problem or working on a project I just don't like to be disturbed. I generally deal with user issues in the morning and work on projects in the afternoon and evening. After lunch, when I close my door, everyone knows not to come knockin unless their problem is preventing them from completing their work.
That's my 47 cents.
Re:Locked Drawers (Score:5, Interesting)
Actually, that's not why those cheap locks exist. They are there so that people don't have to put up "don't open this even if you're just looking for a stapler" notices all over the place.
The common bathroom lock is a good example. It's easily bypassed because it's not there to seriously defend the bathroom. It's there as a "this is off-limits for the time being" notice.
Beat Shoulder Surfing... (Score:2, Interesting)
You can get an equivalent tool in most auto-supply stores -- the kind you're supposed to stick in a corner of your side mirrors to give you a wider field of view. Once it's on your monitor, any movement in it (signaling an approaching surfer) catches your attention.
Re:Man up, nancy. (Score:5, Interesting)
We had this problem here until the director of operations was reamed up one side down the other and then almost publically flogged when we missed an audit and he ignored all the noted problems on the monthly internal audits.
Now all key IT people not only are in a cubicle land in an office with limited keycard access, but we have 3m privacy filters on all our screens. and al lservers were put in a server room with even more limited access. Before then they had them pretty much in the open where anyone could gain physical access of the servers and the IT department easily.
No Problems (Score:3, Interesting)
All of the documentation for our dispatch center has been stored in a bookshelf within dispatch. That's a controlled area but the dispatchers can all view it. As I predicted, one of the dispatchers did dig through it and made copies of certain documents. She then supplied those documents to one of the deputies who is now using that information as part of a suit against the county (long story, he thinks we intentionally have bad radio coverage).
Management didn't give a shit about that. The insurance folks shook thier heads in disgust but then they've seen it all with our county so nothing shocks them anymore. When that documentation made it to the internet it still didn't phase anyone.
Privacy? You want privacy? Around here they either think you're being a prima donna or you're up to something. There can't actually be a need for privacy.
You Think That's Bad... (Score:1, Interesting)
Now IT is a high-security environment with all police passwords available, direct access to both mainframe and other databases w/o logging, direct access to local, state and federal databases, source code listings organized in cabinets in the hallways and old code stacked awaiting shredding and, of course, personal property (workout bags, backpacks, purses, wallets, guns, desks, cellphones, blackberries, laptops, etc.) where prison inmates have access to them.
The "trustees" must have thought they'd died and gone to heaven: the pickings were ripe in the department. Hell, they even gave the trustees the entry codes for the electronic door locks!
Anyway, this lasted about a week until someone pointed out that, to work in IT, a person had to undergo a complete background check, including proctoscoping of all grandparents deceased or not, prior to entering the IT work area . Hizzoner the Mayor reversed his decision to use trustees as janitors.
They never changed the electronic door lock codes, though.
Cubicles? Doors? (Score:4, Interesting)
So the network admins have been moved out of their offices? Cry me a river, and welcome to the 21st century along with the rest of us.
Re:Might Even Be Illegal? (Score:3, Interesting)
Don't try to sound like a security expert... (Score:2, Interesting)
There are a lot of bad ideas here from people who obviously think that they understand security. When it comes to security someone saying that something is possible should raise an eyebrow, and someone saying that something is impossible should be ignored.
Give me physical access to a computer of an IT staff member who has reasonable levels of access and I will be able to compromise the entire network; period.
If I have physical access to a computer it is mine, and short of physically stopping me there is nothing you can do to prevent me from having complete access to that computer.
Imagine this, if you will:
I have a motive to gain complete control over the network. Be it that I'm a disgruntled employee, looking to profit, or simply wanting to get some dirt on someone I don't like... for some reason I want to get complete control of the network.
Why would I sit down at the computer and work on it for long when there is a risk of being caught?
Instead I bring a bootable utility disk, an external hard drive, and boot up an environment that will let me create a bit-stream image of the entire disk and save it to my external drive.
It takes me about 30 to 120 seconds to set this up, maybe a few extra min if I need to reset the BIOS (but this is an IT staff workstation, I'm sure the lazy IT employee just has his workstation set to boot off the CD already...)
So I go away for an hour or two, come back, retrieve my external HD and there is no way to detect I ever accessed that disk.
Later, I perform an analysis of the disk image looking in file slack, ram slack, and deleted files... what do I find? Sensitive conversations, documents, encryption keys, and passwords: jackpot. That's right, I don't care if you save everything off on a network drive, if your workstation has a hard disk chances are that most of the information I need is hidden on it (especially true on Windows workstations and NTFS file systems).
Not only did I just get all the "keys" to your precious network, but I also got myself an exact copy of that computers configuration so I can replicate it if I need to, and I did it so fast that you won't even realize there is a problem.
How long did this take me? About 5 min of access to the computer, with some down time where I was away doing something else (gee, Mr. Janitor can do this can't he?) in between.
So you see, this idea of storing "sensitive" data only on the network is bunk. You created a $50,000 lock that I can pick with a 5 cent pen, congratulations, your CEO must be proud.
Any, and I stress this: Any computer terminal that is not physically secured should be a diskless workstation. People underestimate the value in thin client computing. From a security standpoint you should treat every hard disk that has ever been in a computer that has accessed sensitive information, even once, as a copy of that information. This includes documents viewed, passwords entered, etc. In other words: every hard disk in your organization.
I guess I'll mention it now for those of you who can't read between the lines: Do you ever throw out old hard drives? What information was on them? What information is still on them? Every time a computer hard disk comes into contact with IT, it should be whipped thoroughly with multiple passes of random data (to avoid data recovery though forensics techniques). I recommend at least the American DoD 5220-22.M Standard Wipe. There are Free Software tools available to do this, such as DBAN.
So are cubicles a bad idea for IT staff computers? I think the answer to that is obvious. The real question here is: Is the benefit to having workstations with hard disks worth the extra security concerns they present? If you deal in sensitive information, you want to be very sure that every computer with a hard disk is physically secure.
Re:Man up, nancy. (Score:2, Interesting)
Amusingly we had at one point a war between two auditing firms. One side wanted windows into the server room so that we could see if someone was doing neferious things. The other auditing company wanted the windows gone to prevent shoulder surfing. Our solution? Blinds. They go up when one auditing company is around and down when the other's there!
Re:Yes, and stripper girlfriends (Score:2, Interesting)
>trust at least that much, you need to find new janitors.
I always thought that a janitorial company would make the perfect cover for an industrial espionage outfit. The janitors have nearly complete acccess to all sorts of high-tech offices, with no one to monitor them. (I don't worry about startups and game shops - their coders are in the office all night anyways
How many designers/developers/etc. remember to wipe the whiteboards every day? Or clean off their desks and lock down their systems? How many product designs/customers lists/launch dates/etc. have been leaked out and sold to competitors? And the victim totally in the dark about the source of the leak?
If properly managed, the information brokerage could bring in lots more money than the legitimate janitorial side of the business, with practically no risk to the principals.
And I'm not even considering the possibility of outright theft - either by the real low-paid janitors, or imposters.
Out of the last 10 or so software companies I've worked for, only one paid any attention to the cleaning staff. We had the cleaning company assign specific people to the developers floors, and had their photos posted in a common area. This made it a bit harder for
a phony to claim they were part of the cleaning staff.
Re:Locked Drawers (Score:5, Interesting)
I am a locksmith. I work with file cabinets and cube drawers all the time. Those locks you link to are specifically for one particular brand of medium-security, fire-rated, burglary-safe type file cabinets, not cubicle furniture. The crap-ass locks on cubicle drawers and cabinets, even the more expensive Steelcase stuff, simply cannot be improved. They're cheap chinese junk of one-off designs that don't lend themselves to retrofitting anything decent. Furthermore, a better lock doesn't do squat for security when your drawers and cabinets are made of cheap sheetmetal and particle board. If someone were stupid enough to install (say) an expensive MAS Hamilton electronic safe lock on a standard steelcase desk drawer, I would almost pay money for the chance to show him how his costly upgrade could be bypassed with a flat blade screwdriver.
Cube furniture isn't secure. Expensive locks ain't the answer.
Dude, you had an Office???? (Score:5, Interesting)
IT people are in cubicles and have been for at least 20 years. The servers are locked up in secured environmentally controlled data centers. You wouldn't want to work there, it sucks typing when your hands are freezing. The noise of the cooling fans and air conditioning is pretty darn loud too.
Due to Sarbanes/Oxley the customer data is secured to such a ridiculous degree that the IT staff doesn't have access to production data anymore! Yeah, that's right, the IT staff cannot see production data! When there is a problem we have to request a special temporary user name that expires in like 8 eight hours. That id is issued to you and the password is reset. You then use that account to examine the production system. Everything that account sees or does is logged extensively. When you are done, you give the account back and it's reset. If you forget, it will expire soon enough. Those with access to issue the accounts and reset them are at the highest levels of security and are located in our mainframe operations center where they are under constant surveillance including by closed circuit digital cameras. These guys have to go through several card access points to reach the data center. They are not even in cubicles but what looks like a college lecture hall of desks on stepped risers with projection screens on the main wall. Looks like a NASA control center. This helps a lot in major outages to have all the experts in the same room.
The call center staff obviously has access to production client data because they need to. But that doesn't mean they aren't being watched all the time. Every read is logged and if it's found that they should not be reading that customers data at that time, they will be caught. Random audits are performed constantly. We have a special investigations team which is constantly on the lookout for potential fraudsters, etc.
Security performs periodic physical security audits. i.e. going around looking for people who keep their ID/Passwords under their keyboards or on post-it notes; leaving their desks unlocked, leaving confidential information out in the open, etc. This happens at night after most people go home.
Cell phones with cameras and USB devices are forbidden in some places. The call center computers USB ports have been filled with an insulating epoxy from a hot glue gun. Of course that doesn't stop someone from writing down notes and sticking it in their pants. I mean if Sandy Berger can enter the national archives and stuff top secret documents down his pants and walk right out then so can a call center employee who makes less then $15 / hour. What the hot glue in the USB / Firewire slot does is stop someone from moving gigabytes of data out the door in one move. There are also no CD/DVD burners in the call center for the same reason.
Arguing security isn't a good thing, it will just lead to a security crackdown that isn't going to stop someone whose diligent and determined. It will just inconvenience you further... Take a look at those 4 Chinese Spies they just caught in California! They worked for defense contractors and gave away military secrets to the Chinese. I mean if we can't stop our military secrets from walking how can we stop everyday business data theft and industrial or corporate espionage?
Re:Man up, nancy. (Score:3, Interesting)
Re:Man up, nancy. (Score:2, Interesting)